BaseWall, Tel: +31-74-2491004, Fax: +31-74-2593934
44
7 : VPN Configuration
Virtual Private Network (VPN) uses encryption and authentication to create the connection
between two end points (computers or networks). It allows private data to be sent securely
over a public network or Internet without the risk of unauthorized access from outside
intruders. VPN establishes a private network that can send data securely between two
networks. We call this creating a “tunnel”. A VPN tunnel connects the two PCs or networks.
Note:
The Dual WAN VPN Firewall uses industry standard IPsec encryption. However, due to the
variations in how manufactures interpret this standard, many VPN products are not interoperable.
Although the Dual WAN VPN Firewall can interoperate with many other VPN products, it is not
possible for Dual WAN VPN Firewall to provide specific technical support for every other products.
Planning the VPN
When planning your VPN, you must make following choices first.
1. If the remote end is network, the two-endpoint network must have different LAN IP address ranges. If
the remote endpoint is a single PC running a VPN client, its destination address must be a single IP address,
with subnet mask of 255.255.255.255
2. Will you be using the Internet Key Exchange (IKE) setup, or Manual Keying, in which you must
specify each phase of the connection. IKE has become the standard for automatic keying.
3. What encryption level you are going to use (DES,3DES or AES)?
The settings that you have to make when connecting to another BaseWall product are kept basic.
Some Standard settings that we use for tunnels between our products are SHA1 authentication, AES 128
bits encryption and DH group 2 as hash algorithm. This is a basic setting that ensures good speed and a
very secure encryption and authentication so your data will be safely transported via the IPSec tunnel.
There are two basic settings :
Tunnel to BaseWall Unit -
This describes how to setup an IPSec tunnel to a BaseWall VPN
1000,2000,3000,4000,5000 and 6000.